Bug 1152818

Summary: llz give ? for the security context of a file, which is wrong
Product: [Community] Virtualization Tools Reporter: Lingfei Kong <lkong>
Component: libguestfsAssignee: Richard W.M. Jones <rjones>
Status: CLOSED NOTABUG QA Contact: Virtualization Bugs <virt-bugs>
Severity: low Docs Contact:
Priority: medium    
Version: unspecifiedCC: leiwang, linl, mbooth, ptoscano, rbalakri, wshi
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1152833 (view as bug list) Environment:
Last Closed: 2017-06-26 14:03:07 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1152833, 1288337    

Description Lingfei Kong 2014-10-15 03:04:34 UTC 
Description of problem:
Enable SELinux support for the guest, try to use llz to get security context for files, but only get ? for all files in the guest.


Version-Release number of selected component (if applicable):
libguestfs-1.27.62-1.1.el7


How reproducible:
100%


Steps to Reproduce:
1. Get a rhel guest image: rhel.img
2. #guestfish -i -a rhel.img --selinux llz /


Actual results:
#guestfish -i -a rhel.img --selinux llz /
dr-xr-xr-x root root ?                                .
drwxr-xr-x root root ?                                ..
-rw------- root root ?                                .bash_history
dr-xr-xr-x root root ?                                bin
dr-xr-xr-x root root ?                                boot
drwxr-xr-x root root ?                                cgroup
drwxr-xr-x root root ?                                dev
drwxr-xr-x root root ?                                etc
.....


Expected results:
The selinux lable should not be ? but some thing like:
system_u:object_r:bin_t:s0       bin
system_u:object_r:boot_t:s0      boot
system_u:object_r:device_t:s0    dev
system_u:object_r:etc_t:s0       etc


Additional info:
Comment 4 Richard W.M. Jones 2017-02-16 15:12:31 UTC 
Moving this bug upstream as it is unlikely to be encountered
by RHEL customers.
Comment 5 Pino Toscano 2017-06-26 13:51:35 UTC 
'llz' is mostly a debugging API, which gives human-readable output. If you want to find out the real attributes (including SELinux ones) of a file/directory, then 'lgetxattrs' is a better API for this.

Also, since libguestfs 1.33.43, 'llz' (with most of the other SELinux APIs) is deprecated:
https://github.com/libguestfs/libguestfs/commit/35bac3a6501354e4a3805877d950e741429f169b

IMHO this should be considered NOTABUG.
Comment 6 Pino Toscano 2017-06-26 14:03:07 UTC 
‎<‎rwmjones‎>‎ pino|work: yeah I'd say close 1152818 as NOTABUG
‎<‎rwmjones‎>‎ (the API it never worked)

Confirmed with Rich, so closing it.